Fenced frame: Prevent file://localhost/* files from loading.
Fenced frames are meant to be able to load the following URLs with a
default constructor:
- about:blank URLs
- https://* URLs
- http://localhost URLs
The net::IsLocalhost() check that is currently being used for the last
case is only checking that the URL starts with "localhost", not that
the scheme is http/https. This allows the fenced frame to load URLs like file://localhost/path/to/file. This CL tightens the check to also
check that the scheme is HTTP. The "https://localhost/" case will
still be covered by the "https://" check.
Bug: 368628042
Change-Id: If53573f5701c28e5674ecb524191cddc12b950fe
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5902121
Reviewed-by: Shivani Sharma shivanisha@chromium.org
Commit-Queue: Liam Brady lbrady@google.com
Cr-Commit-Position: refs/heads/main@{#1368957}